Get hostname
hostname
Get current user
whoami
Get serial number
wmic bios get serialnumber
Get manufacturer model name
wmic csproduct get name
Print out date/time
echo %DATE% %TIME%
Get OS name and ver (takes a few seconds to run)
systeminfo | findstr /B /C:"OS Name" /C:"OS Version"
All IP config details
ipconfig /allcompartments /all
Get all NIC details
wmic nicconfig get description,IPAddress,MACaddress
Display the DNS cache
ipconfig /displaydns
Check hosts file
more %SystemRoot%\System32\Drivers\etc\hosts
Netstat (run as admin)
Get listening/established ports and PIDs
netstat -naob
netstat -naob | findstr LIST
Print routing table
netstat -nr
route print
List sessions with other computers
net session
net session \\pcname /list
Print our machines we can see on domain
net view
net view \\127.0.0.1
View Netbios over TCP details
nbtstat -S
Show arp table
arp -a
WLAN info
netsh wlan show interfaces
netsh wlan show all
List services
services.msc
tasklist
Show whats inside svhosts
tasklist /svc
tasklist.exe /FI "PID eq 8988" /svc
sc query
wmic service list config
Sysinternals
pslist
pskill
Event logs
eventvwr
wevtutil qe security /f:text | more
Localusers
Lusrmgr
net users
Startup apps
msconfig
autoruns
xcopy find files for a specific date (note date format)
xcopy \\servername\sharename$\*.* /S /L /H /D:mm-dd-yyyy | more
Find files bigger than 30MB
for /R c:\ %i in (*) do @if %~zi gtr 30000000 echo %i %~zi
Sysinternals
tcpviewcon -a
psloggedon
logonsession
handle
listdlls
processexplorer
processmon
sysmon
autoruns
No comments:
Post a Comment